From 69a2b23a01f7aeec80e3ab5c37440bbf5329c7a5 Mon Sep 17 00:00:00 2001
From: Raito Bezarius <masterancpp@gmail.com>
Date: Sun, 18 Jun 2023 17:51:06 +0200
Subject: [PATCH] pkgs/top-level/release: cache openssl-1.1.1u instead of
 openssl-1.1.1t

We were caching this insecure package as part of a decision during 23.05, we will now cache
openssl-1.1.1u too as this is now the de-facto OpenSSL package on 23.05, which is EOL.
---
 pkgs/development/libraries/openssl/default.nix | 4 +++-
 pkgs/top-level/release.nix                     | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix
index 0449651090fe..548b5ee1f2c6 100644
--- a/pkgs/development/libraries/openssl/default.nix
+++ b/pkgs/development/libraries/openssl/default.nix
@@ -220,7 +220,9 @@ let
 
 in {
 
-
+  # If you do upgrade here, please update in pkgs/top-level/release.nix
+  # the permitted insecure version to ensure it gets cached for our users
+  # and backport this to stable release (23.05).
   openssl_1_1 = common {
     version = "1.1.1u";
     sha256 = "sha256-4vjYS1I+7NBse+diaDA3AwD7zBU4a/UULXJ1j2lj68Y=";
diff --git a/pkgs/top-level/release.nix b/pkgs/top-level/release.nix
index 12a340446a5a..6d1070dfa5ef 100644
--- a/pkgs/top-level/release.nix
+++ b/pkgs/top-level/release.nix
@@ -26,7 +26,7 @@
       # for no real reason.
       # Remove them for 23.11.
       "nodejs-16.20.0"
-      "openssl-1.1.1t"
+      "openssl-1.1.1u"
     ];
   }; }
 }: